urlscan.io logo urlscan.io
SecurityTrails logo

www.23linker.com Open in urlscan Pro
94.237.93.242  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ofkfhfyrtdh.s3.amazonaws.com/HT.html#qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb
Effective URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&c...
Submission: On March 28 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 18 domains to perform 43 HTTP transactions. The main IP is 94.237.93.242, located in and belongs to . The main domain is www.23linker.com.
TLS certificate: Issued by R3 on February 3rd 2023. Valid for: 3 months.
This is the only time www.23linker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.216.36.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
ofkfhfyrtdh.s3.amazonaws.com
1    139.64.164.100 (Denver, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: amusespring.com
139.64.164.100
1    208.116.59.16 (South Plainfield, United States)

ASN25653 (FORTRESSITX, US)
PTR: petsittersdirectory.club
beamingtime.com
1    38.102.245.195 (Redondo Beach, United States)

ASN174 (COGENT-174, US)
offer-connect.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    13.32.99.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-40.fra60.r.cloudfront.net
api.pushnami.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    107.20.152.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-152-124.compute-1.amazonaws.com
trc.pushnami.com
2    50.17.162.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-162-243.compute-1.amazonaws.com
psp.pushnami.com
4    2606:4700:3032::6815:1cae (None, )

ASN- ()
lynku.jukminung.com
2    2606:4700:3035::ac43:9efb (None, )

ASN- ()
cdn.addlnk.com
3    67.212.184.149 (None, )

ASN- ()
ozil.glumiville.com
3    51.68.81.31 (None, )

ASN- ()
www.turbotrck.art
1    34.90.46.36 (None, )

ASN- ()
admoustache.media-412.com
2    2a06:98c1:3121::3 (None, )

ASN- ()
yeah.achelous.mobi
1    2606:4700::6810:3865 (None, )

ASN- ()
static.cloudflareinsights.com
1    174.138.122.163 (None, )

ASN- ()
c.adups.app
1    94.237.99.118 (None, )

ASN- ()
1263f4cc956a.99offrs.com
13    94.237.93.242 (None, )

ASN- ()
www.23linker.com
1    3.64.163.50 (None, )

ASN- ()
these.reallyspcials.com
Domain Requested by
13 www.23linker.com www.23linker.com
4 lynku.jukminung.com offer-connect.com
ofkfhfyrtdh.s3.amazonaws.com
lynku.jukminung.com
3 www.turbotrck.art 2 redirects ozil.glumiville.com
3 ozil.glumiville.com lynku.jukminung.com
ozil.glumiville.com
2 yeah.achelous.mobi www.turbotrck.art
static.cloudflareinsights.com
2 cdn.addlnk.com lynku.jukminung.com
yeah.achelous.mobi
2 psp.pushnami.com api.pushnami.com
2 trc.pushnami.com api.pushnami.com
2 api.pushnami.com offer-connect.com
api.pushnami.com
2 maxcdn.bootstrapcdn.com offer-connect.com
maxcdn.bootstrapcdn.com
1 these.reallyspcials.com www.23linker.com
1 1263f4cc956a.99offrs.com yeah.achelous.mobi
1 c.adups.app 1 redirects
1 static.cloudflareinsights.com yeah.achelous.mobi
1 admoustache.media-412.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com offer-connect.com
1 ajax.googleapis.com offer-connect.com
1 offer-connect.com beamingtime.com
1 beamingtime.com ofkfhfyrtdh.s3.amazonaws.com
1 ofkfhfyrtdh.s3.amazonaws.com
43 21

This site contains no links.

Subject Issuer Validity Valid
beamingtime.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-15 -
2024-04-14		 a year crt.sh
offer-connect.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-28 -
2023-07-23		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-12-30 -
2023-12-30		 a year crt.sh
*.pushnami.com
Amazon RSA 2048 M01		 2023-03-04 -
2024-04-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-03-06 -
2023-05-29		 3 months crt.sh
ozil.glumiville.com
R3		 2023-03-27 -
2023-06-25		 3 months crt.sh
www.turbotrck.art
R3		 2023-02-28 -
2023-05-29		 3 months crt.sh
*.99offrs.com
R3		 2023-03-24 -
2023-06-22		 3 months crt.sh
*.23linker.com
R3		 2023-02-03 -
2023-05-04		 3 months crt.sh
dan.com
Go Daddy Secure Certificate Authority - G2		 2022-12-21 -
2024-01-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Frame ID: D40599415F5109A1D4ACAD7890449086
Requests: 37 HTTP requests in this frame

Frame: https://api.pushnami.com/scripts/v1/hub
Frame ID: 6B182ECE5A6B89ED3C237D61B266769E
Requests: 1 HTTP requests in this frame

Frame: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679990400
Frame ID: 96B472B8152C81467DACE6A373246DB6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://ofkfhfyrtdh.s3.amazonaws.com/HT.html Page URL
  2. http://139.64.164.100/qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb HTTP 302
    https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyD... Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21... Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192 Page URL
  5. https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream... Page URL
  6. https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949... Page URL
  7. https://ozil.glumiville.com/proc.php?16b49f509470eb32fba98b95670c7813d762ae5e Page URL
  8. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website... Page URL
  9. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website... HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website... HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330005339906094607ce7821ba193125... HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503 Page URL
  10. https://c.adups.app/36399?click=pubd6334b87495645eeabe4e23eba681183&pubid=a210515d HTTP 302
    https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE Page URL
  11. https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • api\.pushnami\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

43
Requests

93 %
HTTPS

36 %
IPv6

18
Domains

21
Subdomains

20
IPs

2
Countries

411 kB
Transfer

669 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ofkfhfyrtdh.s3.amazonaws.com/HT.html Page URL
  2. http://139.64.164.100/qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb HTTP 302
    https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34 Page URL
  3. https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192 Page URL
  4. https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192 Page URL
  5. https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pubc1a49263581e40f1ab3129de7c09a2cf&2=690192 Page URL
  6. https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075 Page URL
  7. https://ozil.glumiville.com/proc.php?16b49f509470eb32fba98b95670c7813d762ae5e Page URL
  8. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074 Page URL
  9. https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=9bc797791c902b643d0f8d044004b17e&eyer=0.3834951815205585&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
    https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.3834951815205585&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
    https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330005339906094607ce7821ba193125d941c0328-202303-flb*5564921-b2be6*M7215529668428955737*sl_5564921-b2be6*b22a79895a57d86916714a3f0b353957797a6bfa*13260-a70cb436-74647af9*13260 HTTP 302
    https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503 Page URL
  10. https://c.adups.app/36399?click=pubd6334b87495645eeabe4e23eba681183&pubid=a210515d HTTP 302
    https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE Page URL
  11. https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://139.64.164.100/qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb HTTP 302
  • https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34
Request Chain 23
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=9bc797791c902b643d0f8d044004b17e&eyer=0.3834951815205585&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074&eyeg=3&eyer=0.3834951815205585&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=ozil.glumiville.com HTTP 302
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330005339906094607ce7821ba193125d941c0328-202303-flb*5564921-b2be6*M7215529668428955737*sl_5564921-b2be6*b22a79895a57d86916714a3f0b353957797a6bfa*13260-a70cb436-74647af9*13260 HTTP 302
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Request Chain 27
  • https://c.adups.app/36399?click=pubd6334b87495645eeabe4e23eba681183&pubid=a210515d HTTP 302
  • https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
HT.html
ofkfhfyrtdh.s3.amazonaws.com/ 		102 B
496 B 		Document
General
Check archive.org
Download Go to
Full URL
http://ofkfhfyrtdh.s3.amazonaws.com/HT.html
Protocol
HTTP/1.1
Server
52.216.36.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
102
Content-Type
text/html
Date
Tue, 28 Mar 2023 09:40:06 GMT
ETag
"f0ffbf18d28fff661cd8ae77c9e424e0"
Last-Modified
Mon, 27 Mar 2023 10:22:27 GMT
Server
AmazonS3
x-amz-id-2
Opg1O1pGVE/vJG9JbiS2Gx738zZfiDeHnTqwSSNivV1BjGAM5rgXGiLiLaMFwJ3Z5+awzySLHs4=
x-amz-request-id
M9SXZM22WKG8HEK1
x-amz-server-side-encryption
AES256
34
beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/
Redirect Chain
  • http://139.64.164.100/qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb
  • https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34
252 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34
Requested by
Host: ofkfhfyrtdh.s3.amazonaws.com
URL: http://ofkfhfyrtdh.s3.amazonaws.com/HT.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.116.59.16 South Plainfield, United States, ASN25653 (FORTRESSITX, US),
Reverse DNS
petsittersdirectory.club
Software
Apache /
Resource Hash

Request headers

Referer
http://ofkfhfyrtdh.s3.amazonaws.com/HT.html#qs=r-acacafjbbhfiacafjgkgababacaefacbhaceaikfaddhfacgghijacb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
252
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Mar 2023 09:40:10 GMT
Server
Apache

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 28 Mar 2023 09:40:08 GMT
Server
nginx
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
location
https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34
/
offer-connect.com/ 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Requested by
Host: beamingtime.com
URL: https://beamingtime.com/176276dbd59a327f800/48595_1_13_2264_34/afcQcryjyDdNSRjlTqcGMdzelTPDaxlhHPfyDRyqXT/34
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.102.245.195 Redondo Beach, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx/1.10.2 /
Resource Hash
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d

Request headers

Referer
https://beamingtime.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Content-Length
10008
Content-Type
text/html
Date
Tue, 28 Mar 2023 13:04:27 GMT
ETag
"63efd888-2718"
Last-Modified
Fri, 17 Feb 2023 19:42:00 GMT
Server
nginx/1.10.2
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Wed, 22 Mar 2023 18:05:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
488100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Mar 2024 18:05:11 GMT
css
fonts.googleapis.com/ 		6 KB
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Mar 2023 09:40:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Mar 2023 09:40:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Mar 2023 09:40:11 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
4032277
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
be050c61329891fb4ef880afd785a1b0
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7aeee90299aa2c6e-FRA
cdn-requestpullsuccess
True
63ed63298591f2001320edcc
api.pushnami.com/scripts/v1/pushnami-adv/ 		88 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://offer-connect.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:35:29 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
282
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
no-cache
x-amz-cf-id
5KTFd0hfuw5lPX6byPHF7G2p0xC3fqEwGWQrQ4TJ-fp-hPTc4c8NzQ==
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
752
age
1873530
cdn-cachedat
08/17/2022 18:20:14
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
746933e61529be8366407880fd47077a
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7aeee903b9419a05-FRA
cdn-requestpullsuccess
True
QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v18/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:400,300,500,700,600,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offer-connect.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 08:37:43 GMT
x-content-type-options
nosniff
age
3748
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47728
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 17:55:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Mar 2024 08:37:43 GMT
track
trc.pushnami.com/api/push/ 		2 B
168 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.152.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-152-124.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Tue, 28 Mar 2023 09:40:11 GMT
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
2
content-type
text/html; charset=utf-8
track
trc.pushnami.com/api/push/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trc.pushnami.com/api/push/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.152.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-152-124.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,key
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Tue, 28 Mar 2023 09:40:11 GMT
hub
api.pushnami.com/scripts/v1/ Frame 6B18 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.pushnami.com/scripts/v1/hub
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-40.fra60.r.cloudfront.net
Software
/
Resource Hash
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' *
X-Content-Security-Policy default-src 'unsafe-inline' *

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,PUT,POST,DELETE
access-control-allow-origin
*
age
2073
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src 'unsafe-inline' *
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 09:05:38 GMT
vary
accept-encoding
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-id
eyPKuJ1AYji8uZlMQ44fDqFQgtfEk9zUoDHgNI0SUpOJESzb5ThkIA==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-security-policy
default-src 'unsafe-inline' *
x-webkit-csp
default-src 'unsafe-inline' *
psp
psp.pushnami.com/api/ 		2 B
224 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Requested by
Host: api.pushnami.com
URL: https://api.pushnami.com/scripts/v1/pushnami-adv/63ed63298591f2001320edcc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.162.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-162-243.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept
application/json, text/plain, */*
Referer
https://offer-connect.com/
accept-language
de-DE,de;q=0.9
key
63ed63298591f2001320edcc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://offer-connect.com
date
Tue, 28 Mar 2023 09:40:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
accept-encoding
content-type
text/html; charset=utf-8
psp
psp.pushnami.com/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://psp.pushnami.com/api/psp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.162.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-162-243.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
key
Access-Control-Request-Method
POST
Origin
https://offer-connect.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
key
access-control-allow-methods
POST
access-control-allow-origin
https://offer-connect.com
access-control-expose-headers
content-type, content-length, etag
access-control-max-age
600
cache-control
no-cache
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Mar 2023 09:40:12 GMT
vary
accept-encoding
9e8aef8068
lynku.jukminung.com/rc/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Requested by
Host: offer-connect.com
URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
29eb1d7e5d2f4bd042400e7ef3e9184caf99aeb565311bad8af63f00f1f91bd7

Request headers

Referer
https://offer-connect.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aeee926bc772c65-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 09:40:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qYYeDUeHa3mdm3z%2FeP5U2dTvbuyCsSl%2FRb1yntOcgQnJ2xadRVJYmwjg2op5efabF%2B%2B1FUXIJRtZDcF7Pv8uPx0bKTemlse7xFj8jRj%2FCO2ut%2B8XW9kdvuBNAWw5cFpTHJSQsaZk%2FnrRpbmHCGiuHip0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie
redirect.css
cdn.addlnk.com/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BE6X12RQ3QEESWJ7
age
2480
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
k4aAl7rxzoBqri0E8cBF5lQUKYre9Tm/GjpCYzN1JvAPALCrD3HjXBElO2FAh7+hS0u6Bc+0iNQ=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7O2no0tHzFckku0Kq2jOuVX8YARWbgcXWq1hbF4M8vWtIxg08mxoTY5mSwUFaVzh1ORi6IBmSuLRIcdC8S4xub4dpGkiBdR5QiqpMaDnlAunds9E1PcLbQjG95m0Z1MK0s3s%2BCtMEDuQoTZhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7aeee92849373645-FRA
invisible.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame 96B4 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679990400
Requested by
Host: ofkfhfyrtdh.s3.amazonaws.com
URL: http://ofkfhfyrtdh.s3.amazonaws.com/HT.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
07a29f8490466682dbd32d15165cf11b0003e1d191f49358e4150f0f80daf24f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReMcJ0xBWsqYBTQhU4C6pQ5rhh8eff%2FMAbgOHIE3qcQLtnZi73wLzTIyN7s99jdjjrjzpSRht%2B61YJ2SYAhMoKWbP5v9imCrjylGfgzN%2FBeC2TlZdMD47B7zUVuUBYZ%2B9mqLE19CJV7AwHwdd4t8lwoU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7aeee9288f052c65-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame 96B4 		7 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OcyuKu27uVIqNRaOa6vu2P74F4pR6GUJyt6NhWzWblJ1xvOlTeenfxVj2GQQtG%2BY%2FvOgbWkRfNaNqRQOGIO5MoOwwmCFusQeLsKKzznSL%2BqE82FtNahu2XAmYJrb3eblmhmee3PX%2BSoFEtNEIsvuAetY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
x-control-type-options
nosniff
cf-ray
7aeee928cbcebb71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ozil.glumiville.com/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pubc1a49263581e40f1ab3129de7c09a2cf&2=690192
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 09:40:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
7aeee926bc772c65
lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame 96B4 		2 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/cv/result/7aeee926bc772c65
Requested by
Host: lynku.jukminung.com
URL: https://lynku.jukminung.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1679990400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:1cae -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 28 Mar 2023 09:40:17 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqpy28k8Qzn9Wdt7jYuS4qv7%2BsBMaLADuiS1XIcnWWm7%2F%2BdryDYvN9lPtEfIZWa%2FZkuWHMqgA%2FV945qdrELFODszgNbVVOrdkyPWib7Jbw4L%2BZ6w5JTcNehIg8OHvrjsenwpTH6Eg1sOghheQ%2BBjs7E1"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7aeee92a9e6bbb71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
ozil.glumiville.com/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pubc1a49263581e40f1ab3129de7c09a2cf&2=690192
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
1a9e72104ecab78644102e743d239d323373b19fa601649f35bdc7af60947e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_medium=4e9993c7e42157a307110d2807ad71b202109695&utm_campaign=mainstream_redirect&1=f82429a8&cid=pubc1a49263581e40f1ab3129de7c09a2cf&2=690192
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 09:40:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
proc.php
ozil.glumiville.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ozil.glumiville.com/proc.php?16b49f509470eb32fba98b95670c7813d762ae5e
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.212.184.149 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.2.0
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains

Request headers

Referer
https://ozil.glumiville.com/?utm_term=7215529668428955737&ver=4viyaptcjo&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889bf8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e075
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 09:40:18 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubdomains
vary
Accept-Encoding
x-powered-by
PHP/8.2.0
/
www.turbotrck.art/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Requested by
Host: ozil.glumiville.com
URL: https://ozil.glumiville.com/proc.php?16b49f509470eb32fba98b95670c7813d762ae5e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.68.81.31 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ozil.glumiville.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-CH
Sec-CH-UA-Platform-Version
Cache-Control
no-transform
Connection
keep-alive
Content-Type
text/html
Date
Tue, 28 Mar 2023 09:40:18 GMT
Transfer-Encoding
chunked
a91581ead4
yeah.achelous.mobi/rc/
Redirect Chain
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbe...
  • https://admoustache.media-412.com/sl?id=63ef5a2a8dec34873b6049c7&pid=503&sub1=330005339906094607ce7821ba193125d941c0328-202303-flb*5564921-b2be6*M7215529668428955737*sl_5564921-b2be6*b22a79895a57d8...
  • https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Requested by
Host: www.turbotrck.art
URL: https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
16a16f20db86c407ed70e92c827ebee60bacd75ea9c1a45cf16a8345ebb00eb1

Request headers

Referer
https://www.turbotrck.art/?sl=5564921-b2be6&data1=Track1&data2=Track2&tag=M7215529668428955737&website=13260-a70cb436-74647af9&placement=13260&utm_content=fdc2c69a9cafac9c949390a197959495ba88b8ccbecabcbd83858081b6868685ba8bb889be8f8cbc828380ede7e9e0f6f9fae8fcb3efeef4fff2e2e896a694d285848f858bcfa58381cde0d3d2e7d6d1fafbf88d8c8a99fdf2c2f0c0c0c7c4f5fbf9f8f9cecfcccdc2f5f6f3f3f3f3f3e8efe8edeaebefe9e074
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7aeee932cc9291f5-FRA
content-encoding
br
content-language
en-us
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 09:40:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1pFfgJZB1NKN7q2lJIpTerCokb8zFdRe0uv95FM%2FumQv5aLyqjQaR5rey2T1VotG%2Bkaczb%2BrJKtq%2B7n8v4chR%2FF0KyBu0HEvLRTsAkDOeT3g4gWY00ilnRKys5dApVKpc4qWIO2aZ0msQ98qL7PShs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding, Accept-Language, Cookie

Redirect headers

access-control-allow-origin
*
content-length
0
date
Tue, 28 Mar 2023 09:40:18 GMT
location
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
referer
referrer-policy
no-referrer
server
nginx
x-adjust-use-original-forwarded-for
1
redirect.css
cdn.addlnk.com/ 		1 KB
711 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.addlnk.com/redirect.css
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9efb -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:19 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BE6X12RQ3QEESWJ7
age
2482
cf-polished
origSize=1680
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
k4aAl7rxzoBqri0E8cBF5lQUKYre9Tm/GjpCYzN1JvAPALCrD3HjXBElO2FAh7+hS0u6Bc+0iNQ=
cf-bgj
minify
last-modified
Wed, 13 Mar 2019 00:03:12 GMT
server
cloudflare
etag
W/"3ae56d32551602b41f9046c14d1cfde2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4GJZg167ksMOapD3HZwR9JqLX6QmxlYMDNSpDgiGC8yfOD5u1F%2FDAAOvp8Szu5ubwSpGe5hFc2fHg6wgzcsl3fi%2BsAjrjnYKRtUXnjdYBza4WaTrQ8UyzUHq2h7JA%2Fcscz%2FCvlRAqsbyhpkDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-ray
7aeee9336a393645-FRA
vb26e4fa9e5134444860be286fd8771851679335129114
static.cloudflareinsights.com/beacon.min.js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542

Request headers

Referer
Origin
https://yeah.achelous.mobi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:19 GMT
content-encoding
gzip
last-modified
Mon, 20 Mar 2023 17:58:49 GMT
server
cloudflare
etag
W/2023.3.0
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7aeee933a93730d0-FRA
rum
yeah.achelous.mobi/cdn-cgi/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yeah.achelous.mobi/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vb26e4fa9e5134444860be286fd8771851679335129114
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Mar 2023 09:40:19 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://yeah.achelous.mobi
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7aeee9341dd091f5-FRA
/
1263f4cc956a.99offrs.com/
Redirect Chain
  • https://c.adups.app/36399?click=pubd6334b87495645eeabe4e23eba681183&pubid=a210515d
  • https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE
984 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE
Requested by
Host: yeah.achelous.mobi
URL: https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.99.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a008e8f8034907560e8d3c7dcf17e301be47ee7e4111832a7591abb26f172912

Request headers

Referer
https://yeah.achelous.mobi/rc/a91581ead4?affclick=6422b602c6e8f80001ce934d&pubid=503
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 09:40:20 GMT
expires
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Tue, 28 Mar 2023 09:40:20 GMT
pragma
no-cache
vary
Accept-Encoding
x-robots-tag
noindex, nofollow

Redirect headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-length
274
content-type
text/html; charset=utf-8
date
Tue, 28 Mar 2023 09:40:19 GMT
expires
0
location
https://1263f4cc956a.99offrs.com/?p=7521&media_type=adult&pi=CPA&click_id=23C28151019A0363990298835rnyE
pragma
no-cache
surrogate-control
no-store
vary
Accept, Accept-Encoding
x-powered-by
Express
rum
yeah.achelous.mobi/cdn-cgi/ 		0
0
Primary Request mobi
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/ 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fed6296c757fe05090d180d0a1a6aa03faa66186a7f0b2ec92bc269f1f65474

Request headers

Referer
https://1263f4cc956a.99offrs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Mar 2023 09:40:20 GMT
vary
Accept-Encoding
jquery-1.js
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/js/jquery-1.js
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
W/"64215156-16bb3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Wed, 27 Mar 2024 09:40:20 GMT
script.js
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/js/script.js
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b3c2a92f7ac7f16d0a5f142350fdc4d41f36da0acaff5471247b663f67c7905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
W/"64215156-da7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000, public
expires
Wed, 27 Mar 2024 09:40:20 GMT
style.css
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7603e5ddb2cefe7351088be73cb6531f0b0b9198ed8ef01e935694c7f290cbb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
content-encoding
gzip
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
W/"64215156-14ab"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Wed, 27 Mar 2024 09:40:20 GMT
img1.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/img1.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8724f8b7f005bb91bc0800d3944b97f92224a1ef8b8dcae15836385ff15fb66f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-2203"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
8707
expires
Wed, 27 Mar 2024 09:40:20 GMT
img2.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/img2.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
359072dbf6cd7869b268abc4f7e4c797681da86fa286dbe37adba6bb73cf524e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-16eb"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
5867
expires
Wed, 27 Mar 2024 09:40:20 GMT
img3.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/img3.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f6280cd41660093614a30582734f512f8922f50f2212e27838944f2b7c2af58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-2b27"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
11047
expires
Wed, 27 Mar 2024 09:40:20 GMT
img4.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/img4.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3375c0386fe8c071f8ba932d4a0fab905df12bf83ccf73beb58128806d71d04f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-1def"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
7663
expires
Wed, 27 Mar 2024 09:40:20 GMT
img5.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/img5.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ddcca69cd3842250068f540bd02e723c91be36ab4bc54eb9f8215596fa10066

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-226e"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
8814
expires
Wed, 27 Mar 2024 09:40:20 GMT
push.php
www.23linker.com/landing/include/js/ 		255 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.23linker.com/landing/include/js/push.php
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0289c795c0dc729b62626fb125d01f855b9161fe1ff83bf0e79e33273a24b61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi?tid=5ydsox8ue75298j5julk484kw,14861816,5,7521&ctrack=1679996420.2835872298
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date
Tue, 28 Mar 2023 09:40:20 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
bg.jpg
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/bg.jpg
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ac4aaa91ff62ee78e9117756d82df1e5a8fb8e2a0ab7eafeea430289666f830

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-3138"
content-type
image/jpeg
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
12600
expires
Wed, 27 Mar 2024 09:40:20 GMT
logo_bright.png
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/logo_bright.png
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
50065d9680dedd1a6477f6337cb3bd553a4e863a61994623950d8e0f5af6b263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-98c"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
2444
expires
Wed, 27 Mar 2024 09:40:20 GMT
chickies.png
www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/images/chickies.png
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
94.237.93.242 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba0b394bf46289080b34bae2bb40dae5e0ccd99e381dc585a00da1ebd2192fc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/landing/de/all/revhunters/deineficktreffs/3/mobi/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma
public
date
Tue, 28 Mar 2023 09:40:20 GMT
last-modified
Mon, 27 Mar 2023 08:18:30 GMT
etag
"64215156-143ff"
content-type
image/png
cache-control
max-age=31536000, public
accept-ranges
bytes
content-length
82943
expires
Wed, 27 Mar 2024 09:40:20 GMT
pub.min.js
these.reallyspcials.com/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://these.reallyspcials.com/js/pub.min.js
Requested by
Host: www.23linker.com
URL: https://www.23linker.com/landing/include/js/push.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.64.163.50 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.23linker.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

server
openresty
date
Tue, 28 Mar 2023 09:40:20 GMT
content-type
application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
yeah.achelous.mobi
URL
https://yeah.achelous.mobi/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Domain/Path Name / Value
beamingtime.com/ Name: uid15295
Value: 1334170318-20230328054010-e3b2e6e5a245746f60ac66c61d88d375-

2 Console Messages

Source Level URL
Text
other error URL: https://offer-connect.com/?&__pt__=all&__cm__=Welcome%3A%20Access%20Our%20Best%20Offers%20Available%21&__destUrl__=https://lynku.jukminung.com/rc/9e8aef8068?affclick=1334170318&pubid=690192
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network error URL: https://these.reallyspcials.com/js/pub.min.js
Message:
Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1263f4cc956a.99offrs.com
admoustache.media-412.com
ajax.googleapis.com
api.pushnami.com
beamingtime.com
c.adups.app
cdn.addlnk.com
fonts.googleapis.com
fonts.gstatic.com
lynku.jukminung.com
maxcdn.bootstrapcdn.com
offer-connect.com
ofkfhfyrtdh.s3.amazonaws.com
ozil.glumiville.com
psp.pushnami.com
static.cloudflareinsights.com
these.reallyspcials.com
trc.pushnami.com
www.23linker.com
www.turbotrck.art
yeah.achelous.mobi
yeah.achelous.mobi
107.20.152.124
13.32.99.40
139.64.164.100
174.138.122.163
208.116.59.16
2606:4700:3032::6815:1cae
2606:4700:3035::ac43:9efb
2606:4700::6810:3865
2606:4700::6812:bcf
2a00:1450:4001:809::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200a
2a06:98c1:3121::3
3.64.163.50
34.90.46.36
38.102.245.195
50.17.162.243
51.68.81.31
52.216.36.65
67.212.184.149
94.237.93.242
94.237.99.118
0289c795c0dc729b62626fb125d01f855b9161fe1ff83bf0e79e33273a24b61c
07a29f8490466682dbd32d15165cf11b0003e1d191f49358e4150f0f80daf24f
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
16a16f20db86c407ed70e92c827ebee60bacd75ea9c1a45cf16a8345ebb00eb1
1a9e72104ecab78644102e743d239d323373b19fa601649f35bdc7af60947e91
1fed6296c757fe05090d180d0a1a6aa03faa66186a7f0b2ec92bc269f1f65474
2843128d287da3614565182de89a84deb0e43fd049be6a4ed4d3a682bdd186c4
29eb1d7e5d2f4bd042400e7ef3e9184caf99aeb565311bad8af63f00f1f91bd7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3375c0386fe8c071f8ba932d4a0fab905df12bf83ccf73beb58128806d71d04f
359072dbf6cd7869b268abc4f7e4c797681da86fa286dbe37adba6bb73cf524e
41932365d84f651e0b60d43e451e494530d6c85455b04df9416577e584c382f7
42fa66b97e0ca198bfa261e2398544d9b3dbe31a60ebb010f1afd102d851df5d
50065d9680dedd1a6477f6337cb3bd553a4e863a61994623950d8e0f5af6b263
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5ddcca69cd3842250068f540bd02e723c91be36ab4bc54eb9f8215596fa10066
7603e5ddb2cefe7351088be73cb6531f0b0b9198ed8ef01e935694c7f290cbb2
7817748dc7354950bf4943388276db534474269c0cd0ed6a629841ca3d7b81a1
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ac4aaa91ff62ee78e9117756d82df1e5a8fb8e2a0ab7eafeea430289666f830
7b3c2a92f7ac7f16d0a5f142350fdc4d41f36da0acaff5471247b663f67c7905
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8724f8b7f005bb91bc0800d3944b97f92224a1ef8b8dcae15836385ff15fb66f
97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
9f6280cd41660093614a30582734f512f8922f50f2212e27838944f2b7c2af58
a008e8f8034907560e8d3c7dcf17e301be47ee7e4111832a7591abb26f172912
a4ef73601a6552d55503bcbd9b6cd23fc0c33fa075f8efe724cddd4e3ee55542
ba0b394bf46289080b34bae2bb40dae5e0ccd99e381dc585a00da1ebd2192fc8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee607772e922f816ff318576900b4a7ca92449cd3f15881481a11fe30d934cdc